
Re: Fwd: Please confirm your message



On Wed, Dec 04, 2002 at 09:22:35AM +0100, Andreas Fuchs wrote:
> On 2002-12-03, Adam McKenna <adam@flounder.net> wrote:
> >> Please enlighten me, anyway: Why is bouncing the full body of the
> >> mail you received from a person who claims to be Adam back to Adam a
> >> good idea?
> > 
> > This is an implementation issue, not a philosophical issue.  
> 
> This is correct. The system still needs to have the sender acknowledge
> that the message she sent is the one she is replying to, which requires
> sending at least a little of the message back; pieces of which can
> be spam sent from a malicious user. TMDA source says so, too, in the
> comment to AUTORESPONSE_INCLUDE_SENDER_COPY.

Yes, but this can be set to include only the headers, or none of the
sender's message, if the user desires.  It still, at most, includes all
of the information that would be contained in a normal bounce message.

Have you read DJB's modest proposal regarding SMTP traffic?

> > Since I only use TMDA I can't speak for others but TMDA has a
> > CONFIRM_MAX_MESSAGE_SIZE configuration variable, which will exclude
> > the body of the message from the confirmation request if its size
> > exceeds the defined value.  The default is 50k.
> 
> Right, and in TMDA there is also MAX_AUTORESPONSES_PER_DAY, which only
> seems to consider messages per sender. I'm not quite convinced that such
> a setup can not be abused as a spam reflector, useless as it may be (it
> bounces the full headers), other than annoying a lot of people. (-:

Any autoresponder can be used as a spam "reflector", so that still doesn't
condemn this particular class of software.  There is no amplification effect.

--Adam

-- 
Adam McKenna  <adam@debian.org>  <adam@flounder.net>
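
The three limits discussed in this thread (how much of the sender's message is echoed back, a size cap on echoing the body, and a per-sender daily auto-response quota), shown as an added example that is not part of the original message and is not TMDA's code. All names, constants and the sample message are hypothetical and constructed for illustration.

```python
from collections import Counter
from email import message_from_string
from email.message import EmailMessage

# Hypothetical policy knobs modelled on the settings named in the thread.
INCLUDE_NONE, INCLUDE_HEADERS, INCLUDE_FULL = 0, 1, 2
MAX_ECHO_BYTES = 50_000      # above this size the body is never echoed
MAX_REPLIES_PER_DAY = 3      # per envelope sender (kept small for the demo)

sent_today = Counter()       # sender -> auto-responses sent (daily reset not shown)


def build_confirmation(raw, envelope_sender, include=INCLUDE_HEADERS):
    """Return a confirmation request, or None when the sender is over quota."""
    if sent_today[envelope_sender] >= MAX_REPLIES_PER_DAY:
        return None          # stop answering: bounds use as a reflector
    sent_today[envelope_sender] += 1

    original = message_from_string(raw)
    if include == INCLUDE_FULL and len(raw.encode()) > MAX_ECHO_BYTES:
        include = INCLUDE_HEADERS            # oversized: drop the body
    if include == INCLUDE_FULL:
        echoed = raw
    elif include == INCLUDE_HEADERS:
        echoed = "".join(f"{k}: {v}\n" for k, v in original.items())
    else:
        echoed = ""                          # echo nothing attacker-controlled

    reply = EmailMessage()
    reply["To"] = envelope_sender
    reply["Subject"] = "Please confirm your message"
    reply["Auto-Submitted"] = "auto-replied"  # RFC 3834: marks an automatic reply
    reply.set_content("Reply to confirm delivery of your message.\n\n" + echoed)
    return reply


# Constructed sample message, not taken from the thread.
SAMPLE = "From: sender@example.org\nSubject: hello\n\nBUY NOW body text\n"

if __name__ == "__main__":
    print(build_confirmation(SAMPLE, "sender@example.org").get_content())
```
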


